With the European Commission’s (“EC”) approval of the U.S.-EU Privacy Shield Framework (“Privacy Shield) on July 12, 2016, many companies are rushing to self-certify to the new compliance mechanism for personal data transfers from Europe to the United States. By certifying in the first two months – by September 30, 2016 – organizations can take advantage of a nine-month grace period from the date they certify to bring their existing commercial relationships and agreements with third parties into conformity with the Accountability for Onward Transfer Principle.

On June 28, 2016, Public Knowledge petitioned the FCC for an emergency stay of the usage of spectrum by devices that enable vehicle-to-vehicle and vehicle-to-infrastructure communications until the FCC adopts adequate cyber security and data privacy rules for such devices. The impending implementation of vehicle-to-vehicle devices prompted Public Knowledge to file its petition

The Safe Harbor provision has finally set sail. On Monday, the Hamburg Data Protection Authority (“Hamburg DPA”) announced that it has fined three companies an aggregate total of €28,000 ($31,928) for continuing to operate under the U.S.-E.U. Safe Harbor Framework. This is the first enforcement action by any European country since the European Court of Justice (“CJEU”) invalidated the Safe Harbor last October.

On March 2, the Consumer Financial Protection Bureau (the “Bureau”) announced enforcement action against online payment processor, Dwolla Inc. (“Dwolla”). This is the Bureau’s first enforcement action related to data security pursuant to its authority to prohibit unfair, deceptive, and abusive acts and practices (“UDAAP”).

Congress has taken a critical step in implementing its obligations under the recently announced EU-U.S. Privacy Shield through Wednesday night’s passage of the Judicial Redress Act in the House of Representatives.

In an event yesterday at the U.S. Chamber of Commerce, Federal Trade Commission (“FTC”) Commissioner Terrell McSweeny offered businesses the following guidance on current privacy, data security and the Internet of Things (“IoT”) issues.

Two days after the expiration of the deadline to reach an agreement on data transfers between the EU and U.S., authorities on both sides of the Atlantic have announced a new framework to handle such transfers.

With apologies to Queen (Bohemian Rhapsody is one of my all-time faves), cyberattacks on public infrastructure have become a reality. Just yesterday, Israel’s Public Utility Authority reportedly was targeted, resulting in temporary disruption of winter electricity to thousands of Israelis.